Abstract:

A method of the invention comprises generating a display of privilege state data 
for a network system in a three-dimensional view. The privilege state data can 
include graphical symbols indicating "on", "inherited on", "public on", "off", "not 
set", and "disabled" states. The display can include at least one privilege label, 
object label, and user label arranged along respective axes of the 
three-dimensional view. The privilege state data can be displayed in one or more
cells arranged in association with respective privilege label(s), object label(s),
and user label(s). The privilege label identifies at least one privilege, the object 
label identifies at least one object associated with the privilege, and the user 
label identifies at least one user or group of users associated with the object. The 
privilege labels can identify data access, data view, and data flow privileges to 
access or transfer data pertaining to the object within or without the network 
system. The privilege labels can also identify use privileges to use one or more 
software components. The object labels can identify one or more data objects 
stored in a database accessible by the network system, or one or more software 
components. The user labels can identify at least one user and/or user group. 
The invention also includes additional methods, a network system, and an article 
of manufacture. 
METHODS, SYSTEM AND ARTICLE FOR DISPLAYING PRIVILEGE STATE DATA

Technical Field

This invention relates to methods, a system, and an article for displaying privilege
state data indicating the privileges of users or groups of users to use different objects
supported by a network environment, for example. Such objects can include data or software
components. In addition, the method, apparatus, and article can have the capability to
receive and set privilege state data defining use privileges of objects for various users or
groups of users.

Background Art

In most network environments, the users or groups of users have varying privileges
with respect to objects supported by the network. The privileges are generally controlled by
a system administrator that uses an application program to set privilege states for all users or
groups of users with respect to the objects. For example, in a particular organization, it may
be desirable that a user group of corporate officers have access to accounting data supported
by the network system, but that other users such as quality control personnel not have access
to such information. Such privileges can be set by appropriate definitions of the two groups
and privilege settings with respect to the accounting data using the application program.
Generally, a different application program running on a network server uses the privilege
state settings to enforce restrictions on privileges of the network objects for different users or
groups of users.

The complexity of the privilege state data scales rapidly upward with increasing
numbers of objects, privileges associated with the objects, and users or user groups on the
network system, and therefore administration of privilege states becomes increasingly
difficult. In addition, updating of the privilege states is required with changes in the users or
user groups, objects, and privileges associated with the objects. Complexity of privilege
states is further increased by the fact that some users or groups may "inherit" privilege rights
from other groups of which they are members. In previous application programs of this
nature, the display of privilege state data is generally done in a manner that makes it
relatively difficult to understand which users have privilege rights to which objects, and the
derivation of those privilege rights, e.g., whether through direct settings or through
inheritance. Therefore, setting privilege states as they should be or debugging improper
settings is generally relatively difficult with such application programs. It would be
desirable to provide methods, a system, and an article that have the capability to display
privilege state data in a readily comprehensible manner. In addition, it would be desirable to
provide methods, a system, and an article that have the capability to permit privilege state
settings to be readily made. Furthermore, it would be desirable to provide methods, a
system, and an article that can be used to generate a display that readily permits
comprehension of privilege states.

Disclosure of the Invention

The invented methods, system and article have as their objects to overcome the
above-stated problems with previous devices and techniques, and do in fact overcome such
problems and provide significant advantages over the prior art.

A first method of the invention is characterized by generating a display of privilege
state in a three-dimensional view. The privilege state data can be used to indicate the
privileges of users or groups of users with respect to an object such as data or a software
component accessible by such user or group of users. The privilege state data can be
represented by graphical symbols indicating "on", "inherited on", "public on", "off", "not
set", and "disabled" states. The display can include at least one privilege label, object label,
and user label arranged along respective axes of the three-dimensional view. The privilege
state data can be displayed in one or more cells arranged in association with respective
privilege label(s), object label(s), and user label(s). The privilege label identifies at least one
privilege, the object label identifies at least one object associated with the privilege, and the
user label identifies at least one user or group of users associated with the object. The
objects can be data and/or software components accessible by the network system. The
privilege labels can identify data access, data view, and data flow privileges to access or
transfer data pertaining to the object within or without the network system, and/or use
privileges relative to software component objects. The object labels can identify respective
data object(s) stored in a database accessible by the network system, or software component
object(s) accessible by the network system. The user labels can identify at least one user
and/or user group.

A second method of the invention is characterized by generating a display of
privilege state data in an array of cells in a three-dimensional view on a terminal device, the
privilege state data of the cells displayed in correspondence with privilege labels, object
labels, and user labels arranged along respective transverse axes of the three-dimensional
view. The display is generated by the user interface of a terminal device. The privilege
labels can be generated based on respective privilege data, the object labels can be generated
based on respective object data, and the user data can be generated based on respective user
data. The method can include inputting privilege state data with the user interface of the
terminal device into at least one cell of the array using at least one privilege label, object
label, and user label. The second method can also include determining the privilege data,
object data, and user data corresponding to the cell in which the privilege state data is input.
The second method can also include storing the privilege state data in a memory in
correspondence with respective privilege data, object data, and user data for the cell in which
the privilege state data was input. The second method can further include updating the
display to include privilege state data input by the user in the inputting step, based on the
privilege state data stored in the memory. The privilege state data can include data for "on",
"inherited on", "public on", "off", "not set", and "disabled" states. The privilege labels,
object labels, or user labels can be implemented as software controls. The second method
can also include selecting at least one of the privilege labels, object labels, or user labels with
the user interface of the terminal device, and modifying the display of the privilege state data
by removing or adding cells in the three-dimensional view based on the selected one of the
privilege labels, object labels, or user labels. The user data can identify first and second user
entities related by a predetermined hierarchical relationship, and the privilege state data can
be input in at least one cell corresponding to first user entity in the inputting step. The
second method can further include determining whether the second user entity inherits
privilege state data from the first user entity, based on the hierarchical relationship. If the
determination establishes that the second user entity inherits the privilege state data from the
first user entity, the second method includes storing the privilege state data in
correspondence with the user data for the second entity, and the object data and privilege data
for which the privilege state data was input in the inputting step. The second method can
further include determining whether a first object inherits the privilege state data of a second
object, based on predetermined dependency data. If so, the second method stores the
privilege state data for the first object as the privilege state data for the second object for the
user data designated by the inputting step. The second method can further include
determining whether a first privilege inherits the privilege state data of a second privilege,
based on the predetermined dependency data. If the determination establishes that the first
privilege inherits the privilege state data of a second privilege, the second method includes
storing the privilege state data in correspondence with the first and second privilege data for
the object and user data specified by the inputting step.
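
The storing steps of the second method, together with the "Default" fallback described later in this document, can be sketched as follows. This is an added Python example, not code from the patent: the class and function names, the sample hierarchy and dependency tables, and the rules that a propagated "on" is recorded as "inherited on" or "public on" and that a directly input cell is never overwritten by a propagated one are all assumptions made for illustration.

```python
# Added illustration; names, sample data and precedence rules are assumptions.
ON, INHERITED_ON, PUBLIC_ON, OFF, NOT_SET, DISABLED = (
    "on", "inherited on", "public on", "off", "not set", "disabled")


def closure(start, edges):
    """Return start plus every node reachable through edges (cycle-safe)."""
    seen, stack = [], [start]
    while stack:
        node = stack.pop()
        if node not in seen:
            seen.append(node)
            stack.extend(edges.get(node, ()))
    return seen


class PrivilegeStore:
    """Cells keyed by (privilege, object, user entity), one per cube cell."""

    def __init__(self, heirs, object_deps, privilege_deps):
        self.heirs = heirs                    # entity -> entities inheriting from it
        self.object_deps = object_deps        # object -> objects inheriting its state
        self.privilege_deps = privilege_deps  # privilege -> privileges inheriting its state
        self.cells = {}    # (privilege, object, user) -> state
        self.origin = {}   # propagated cell -> directly input cell it came from

    @staticmethod
    def _derived(state, from_user, to_user):
        # Same user entity (object or privilege dependency): state is copied.
        if state != ON or to_user == from_user:
            return state
        # Assumption: "on" reaching another entity is labelled by its route.
        return PUBLIC_ON if from_user == "Public" else INHERITED_ON

    def set_state(self, priv, obj, user, state):
        """Store an input state, then store it for every inheriting cell."""
        src = (priv, obj, user)
        self.cells[src] = state
        self.origin.pop(src, None)  # this cell is now a direct setting
        for u in closure(user, self.heirs):
            for o in closure(obj, self.object_deps):
                for p in closure(priv, self.privilege_deps):
                    cell = (p, o, u)
                    if cell == src:
                        continue
                    # Assumption: a direct setting is never overwritten.
                    if cell in self.cells and cell not in self.origin:
                        continue
                    self.cells[cell] = self._derived(state, user, u)
                    self.origin[cell] = src

    def effective(self, priv, obj, user):
        """State for a cell; falls back to the Default group, then 'not set'."""
        for u in (user, "Default"):
            if (priv, obj, u) in self.cells:
                return self.cells[(priv, obj, u)]
        return NOT_SET

    def explain(self, priv, obj, user):
        """Directly input cell a state derives from (the cell itself if direct)."""
        cell = (priv, obj, user)
        if cell not in self.cells:
            return None
        return self.origin.get(cell, cell)


def demo():
    """Constructed sample: JoeUser in group CEO, everyone under Public."""
    store = PrivilegeStore(
        heirs={"Public": ["CEO", "JoeUser"], "CEO": ["JoeUser"]},
        object_deps={"Addresses": ["AdamLog"]},   # AdamLog follows Addresses
        privilege_deps={"Write": ["Read"]},       # Read follows Write
    )
    store.set_state("Read", "AdamLog", "JoeUser", OFF)   # direct denial
    store.set_state("Write", "Addresses", "CEO", ON)
    store.set_state("Print", "Administration", "Public", ON)
    return store


if __name__ == "__main__":
    s = demo()
    for cell in sorted(s.cells):
        print(cell, "->", s.cells[cell], "from", s.explain(*cell))
```

Recording the originating cell alongside each propagated state is what lets an administrator answer whether a right comes from a direct setting or from inheritance, which is the debugging problem the Background Art section describes.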

A network system of the invention is characterized by at least one terminal device, a
data storage unit, and at least one server. The terminal device has a user interface generating
a display of privilege state data in an array of cells in a three-dimensional view. The cells
are displayed in correspondence with privilege labels, object labels, and user labels arranged
along respective transverse axes of the three-dimensional view. The data storage unit is
coupled to the terminal device. The data storage unit stores corresponding privilege data,
object data, user data, and privilege state data. The terminal device can be used to generate
privilege state symbols, privilege labels, object labels, and user labels, based on the privilege
state data, privilege data, object data, user data, respectively. The server is coupled to the
terminal device and the data storage unit. The server transmits privilege state data, privilege
data, object data, and user data between the terminal device and the data storage unit. The
display can be generated on the user interface by an application program running on the
terminal device. The application program can include an interface to convert privilege state
data, privilege data, object data, and user data into privilege state symbols, privilege labels,
object labels, user labels, respectively, for display on the user interface of the terminal
device.

An article of manufacture is characterized by a storage medium having an application
program for generating a display in a three-dimensional view on a terminal device based on
privilege state data.

An object of the invention is to display privilege state data in a readily
comprehensible manner.

Another object of the invention is to permit privilege state settings to be readily
effected.

A further object of the invention is to permit derivation of privilege states to be
displayed so as to be readily understandable.

These, together with other objects and advantages, which will become subsequently
apparent, reside in the details of construction and operation as more fully hereinafter
described and claimed, reference being made to the accompanying drawings, forming a part
hereof wherein like numerals refer to like parts throughout the several views.

Brief Description of the Drawings

Fig. 1 is a block diagram of a network system in accordance with the invention;

Fig. 2 is a general flow chart of the method of the invention;

Fig. 3 is an exemplary view of privilege state data generated for data tables in
accordance with the invention;

Fig. 4 is an exemplary view of privilege state data generated for a software
component supported by a network system;

Fig. 5 is a flow chart of a method for creating privilege state data in a preparatory
mode of the invention;

Figs. 6A and 6B are flowcharts of a method for generating a display based on the
privilege state data in an operation mode of the invention;

Fig. 7 is a data table including privilege state data for a user;

Fig. 8 is a data table including privilege state data for groups of users;

Fig. 9 is a data table indicating dependency relationships between objects;

Fig. 10 is a data table including dependency relationships between privileges;

Fig. 11 is a data table for generating a display based on privilege state data;

Fig. 12 is a display generated by a user interface of a terminal device in the network
system to permit a user to create or modify users, user groups, and hierarchical relationships
between the user entities;

Fig. 13 is a view of a dialog box for creating, modifying, or deleting user data;

Fig. 14 is a view of a dialog box for creating, modifying, or deleting privilege data;
and

Fig. 15 is a view of a dialog box for creating, modifying, or deleting object data.

Mode(s) for Carrying out the Invention

As used herein, the following terms have the following definitions:

"Coupled" in an electronic sense refers to joining electronic components together
with a conductive line such as a wire or cable, or by transmission of signals through air or
other media, for example, or by transmission of optical signals via optic fiber or other
waveguides;

"Database server" is a server for handling transfer of data between a terminal
device(s) or network server and a data storage unit.

"Input device" refers to a keyboard, mouse, wand or any other device that can be
operated by a user to input commands or data into a client device.

"Interface unit" is an interface between a network server and a terminal device. The
interface unit can be an Ethernet® interface card, for example.

"Memory" or "storage media" is used in a general sense and refers to any memory storage
medium including random-access memory (RAM), read-only memory (ROM), CD-ROM,
DVD, hard-storage-disk drives, tape drives, or any other storage device. In the context of a
terminal device, memory typically refers to RAM and/or ROM.

"Memory storage unit" refers to a hard-disk drive unit.

"Data storage unit" refers to a hard-disk drive data storage unit or other data storage
device.

"Network" can refer to any communications network. Such network can include a
local area network (LAN), a wide area network (WAN), and internetwork such as the
worldwide web, depending upon context.

"Network server" is a server for handling transmission of data and signals for objects
supported by the network system and data between one or more terminal device(s) and an
internetwork such as the world wide web or Internet.

"Object" as used herein is the subject of a privilege, and can include data or software
components.

"Privilege" refers to the operations allowed for a user relative to a network resource
such as a database, accessible on a network system. The operations can include the ability to
access a server of the network system, view the contents of a file directory, create, delete,
read, write, or transfer data on a network system. "Privilege" also refers to operations
allowed for a user relative to a software component, such as the ability to use the component
or portions thereof. "Privilege state data" is a data representation of the state of a particular
privilege. The privilege state data can have states including "on", "inherited on", "public
on", "off", "not set", and "disabled" states.

"Terminal device" refers to any processing device that has the capability to generate a
display. The terminal device can be a personal computer, a network terminal, a personal
digital assistant, or other device.

"User entity" refers to a user or group of users. Groups can be subgroups of other
groups.

"(s)" after a word means "one or more" of the thing meant by that word.

"Server" refers to a processing device that is responsive to commands from a terminal
device. The server can be a computer. The server can also be capable of handling document
data from the terminal device.

"Standard protocol" means a protocol in use by more than one million users.

"(s)" at the end of a word means "one or more." For example, "subsystem(s)" means
"one or more subsystems."

1. The Network System

In Fig. 1, an exemplary network environment for the invention is shown. In Fig. 1, a
network system 10 generally includes at least one terminal device 12, additional terminal
devices 12' (two are shown in Fig. 1), a data storage unit 14, a database server 16, network
server 18, and a network 20. The terminal device 12 for which internal details are shown is
coupled to the network server 18 and can be used by a system administrator, for example, to
manage the network system 10. The terminal device 12 runs an application program of the
invention to generate a display of privilege state data in a three-dimensional view. As with
the other components of the network system 10, the network server 18 is coupled to the
network 20 via standard electrical or optical connections. The terminal devices 12' are
coupled to the network 20 and run client application programs that can be used to interact
with the network server 18 that runs a server program. The network server 18 manages
transfer of control signals and data between the terminal devices 12, 12' and the data storage
unit 14 via the database server 16. Within the network system 10, the data and signals can
be transferred in a predetermined network protocol such as the Ethernet® protocol. The
database server 16 is coupled to the network 20 and the data storage unit 14 and manages
transfer of data and control signals between the network 20 and the data storage unit 14. The
data storage unit 14 stores data tables that include user data, object data, privilege data, and
privilege state data. The data storage unit 14 can also store parent group data, object
dependency relationships, and privilege dependency relationships. In running its application
program, the terminal device 12 uses the data stored in the data storage unit 14 as will be
described in more detail in a subsequent section of this document.

The network server 18 can be coupled to internetwork 22 such as the world wide web
via a standard telephone line, T1 line, broadband, digital subscriber line (DSL) using TCP/IP
(HTTP), FTP, or other standard protocols for the signals transmitted thereon. The
internetwork 22 can be coupled to remote terminal device(s) 24 and/or remote network(s) 26
that can have objects, i.e., data or software components, used by the users of the network
system 10.

The terminal device(s) 12 can include a processor 28, a memory 30, a memory
storage unit 32, a keyboard 34, and a mouse 36. The terminal device(s) 12 includes a display
38. The terminal device(s) 12 can also include an interface unit 42 coupled to the network
server 18. The processor 28, the memory 30, the memory storage unit 32, keyboard 34,
mouse 36, display 38, and interface unit 42 are coupled to a bus 40 of the terminal device(s)
12. The processor 28 can be a microprocessor such as a Pentium® I, II or III, Pentium Pro®,
Celeron®, or Merced® microprocessor produced by Intel® Corporation, Palo Alto,
California, an Athlon® or K7-generation microprocessor produced by Advanced Micro
Devices®, Inc., Palo Alto, California, or an equivalent or more advanced generation of
microprocessor. Alternatively, the processor 28 can be implemented as a microcontroller,
programmable logic array (PLA), field programmable logic array (FPLA), programmed
array logic (PAL), or other processing device. The processor 28 is coupled to a memory 30
that can include a random-access memory (RAM) and a read-only memory (ROM). The
RAM provides relatively high-speed data and application program access to the processor
28. The ROM stores data in a non-volatile fashion such as the basic input/output system
(BIOS) executed by the processor 28 upon power-up of the terminal device 12. The memory
30 stores the client program, application program and its interface modules, and operating
system used by the processor 28 in operation thereof. The memory 30 also stores
predetermined data therein or that is generated by the processor 28 as it executes the
application program. The memory 13 can also store data retrieved from the data storage unit
14. The memory 13 is of course of sufficient size to hold such data, and can be on the order
of one megabyte or more, for example. The processor 28 can use data stored in the memory
30 to generate a display on the unit 38. The display unit 38 can be a cathode ray tube (CRT),
flat-panel liquid-crystal display (LCD), or other type of display unit. The processor 28 is
also coupled to a memory storage unit 32 such as a hard disk-drive unit. The memory
storage unit 32 stores application programs and data files if not in use by the processor 28.
The keyboard and mouse input devices 34, 36 can be operated by a user to generate data
or control signals to the processor 28. The processor 28 is coupled to supply a display signal
to the display unit 38 to generate a display, based on the user data, object data, privilege data,
and privilege state data stored in the data storage unit 14. The display signal is generated by
the processor 28 and stored in the memory 30. The processor 28 can periodically retrieve the
display data from the memory 30 and generate the display signal based thereon. The
database and network servers 16, 18 can be implemented by many commercially-available
devices including many available from Dell® Corporation, Round Rock, Texas,
International Business Machines® Corporation, Armonk, New York, Compaq®
Corporation, Houston, Texas, Hewlett-Packard® Corporation, Palo Alto, California, and
others.

In the network system 10, users are uniquely identified by user data. The users of the
network system 10 generally have differing privilege rights with respect to use of data or
software components residing on servers 16, 18, data storage unit 14, or terminal devices 12,
12'. Such data or software components are referred to as "objects" herein, and these objects
are uniquely identified by "object data". The different uses that a user can perform with the
objects are referred to as "privileges" that are uniquely identified in the network system 10
by "privilege data". "Privilege state data" refers to the state of a privilege. Such privilege
state data generally includes at least "on" and "off" states corresponding to permission and
prohibition, respectively, of the exercise of a privilege of an object for a user. The privilege
state data can also include "inherited on", "public on", "not set", and "disabled" states whose
meaning will be explained in a subsequent section of this document.

The terminal device 12 has a user interface generating a display of privilege state data
in an array of cells in a three-dimensional view. The user interface is defined as the portion
of the terminal device that permits a user to interact with the terminal device 12, and
generally includes the keyboard 34, the mouse 36, the display 38, and the portion of the
application program stored in the memory 30 and executed by the processor 28 to generate a
display on the unit 38. The user interface also receives and processes data and control
signals input by the user via the keyboard 34, the mouse 36, and the display 38. The user
interface of the terminal device 12 can be used to create, modify or delete user data, object
data, privilege state data, hierarchical relationships between different user entities, and
dependency relationships between different objects or different privileges.

Running under the application program of the invention, the terminal device 12 reads
user data, object data, privilege data, and privilege state data. In the typical case, the
terminal device 12 retrieves such data from the data storage unit 14 via the database server
16, the network 20, and the network server 18. Based on the user data, object data, privilege
data, and privilege state data, the terminal device 12 generates a display of privilege state
data for the network system 10 in a three-dimensional view in which cells are displayed in
correspondence with privilege labels, object labels, and user labels. The privilege labels,
object labels, and user labels visually identify the various users, objects, and privileges of the
network system 10. The privilege labels, object labels, and user labels are generated by the
terminal device 12 from the user data, object data, and privilege data, respectively. The
privilege labels, object labels, and user labels are arranged along respective transverse axes
of the three-dimensional view. The privilege state data is displayed in correspondence with
respective privilege labels, object labels, and user labels. The privilege state data can be
represented as graphical symbols representing "on", "off", "inherited on", "public on", "not
set", and "disabled" states.

2. General Method of this Invention

Fig. 2 is a flowchart of a general method of the invention. The method of Fig. 2 can
be executed by the application program of the invention running on the terminal device 12.
The method starts in step S1. In step S2, a display of privilege state data for a network
system 10 is generated. The privilege state data is displayed in correspondence with
privilege labels, object labels, and user labels in a three-dimensional view. The
three-dimensional view facilitates viewing of the privilege state data, as will become more
apparent in reference to Figs. 3 and 4.

3. Display of Privilege State Data

Fig. 3 is an exemplary view of a display 42 of a three-dimensional view of privilege
state data in accordance with the invention. The display 42 can be generated on the display
unit 38 of the terminal device 12. The display 42 of Fig. 3 pertains to objects that are data
that can be used by users or groups of users in the network system 10. The display 42
includes privilege labels 44 arranged along an x-axis of the three-dimensional view in Fig. 3.
The privilege labels correspond to the privilege data. The privilege labels identify "Data
Access", "Views", and "Data Flow" categories of privileges. The privilege labels for data
access privileges include "Read", "Write", "Create", "Delete", and "Batch Update"
corresponding to privileges for reading, writing, creating, deleting, or updating data,
respectively, stored in the network system 10. The privilege labels for "Views" include
"Create Views", "Print", "Export", "View Destination" corresponding to privileges for
creating a view of data, printing data, exporting data, and the destination at which data is to
be viewed. The privilege labels for "Data Flow" include "Confidential", "From Assisted",
"From Managed", "Echo Deletes", "Inherit", "Replicate Up", "Replicate Down", "Share",
"Share Publicly" and "Transfer". The "Confidential" label corresponds to the privilege to
transfer confidential data, the "From Assisted" label corresponds to the privilege to transfer
data from a lower level user entity to a higher level user group based on predetermined
hierarchy relationships among user entities. The "From Managed" label corresponds to the
privilege to transfer data from a higher level user group to a lower level user entity based on
predetermined hierarchy relationships among user entities. The "Echo Deletes" label refers
to the privilege to effect a delete across more than one level of user entities in the
hierarchical relationship established for users of the network system 10. The "Inherit" label
refers to the privilege to inherit privilege rights from other user entities based on the
hierarchical relationship predetermined for the users of the network system 10. The
"Replicate Up" and "Replicate Down" labels refer to the privileges to replicate data up or
down hierarchical levels, respectively. The "Share" label refers to the privilege to share data
within a predetermined group of users. The "Share Publicly" label refers to the privilege of a
user to permit data to be accessed by users remote from the network system 10. The
"Transfer" label refers to the privilege to transfer data to any other user within or without
the network system 10.

Arranged along the y-axis direction of the three-dimensional view of the display 42
are object labels 46 identifying respective objects that in this case are data tables. The data
objects generally vary between different network systems. Accordingly, the particular data
objects such as "AdamCriteria", "AdamLog", "Addresses", "Administration", etc. are
exemplary only, and can be defined differently for implementation in other network systems.
There can be numerous object data, and a scroll bar 48 can be used to select predetermined
object data for display. The scroll bar 48 can be used to scroll through an alphabetical
listing, for example, of the data objects used by the users of the network system 10.

Along the z-axis direction are arranged user labels corresponding to respective users
of the network system 10. The user labels in Fig. 3 include "Public", "Default", "CEO" and
"JoeUser" in Fig. 2. The "Public" label corresponds to a public group and is used to set
privileges for objects that are available to all users of the network system 10. The "Default"
label corresponds to a default user group and is used to set privileges if no privilege state
data is set for corresponding objects and privileges for a user group(s) or user(s). The "CEO"
label is a representative label for a group of users of the network system 10. The "JoeUser"
label applies to a user of the network system 10.

Arranged in correspondence with the privilege labels 44, the object labels 46, and the
user labels 50 are cells 52. The cells 52 are basically graphical cubes, only a few of which
are specifically designated in Fig. 3. The cells 52 are arranged in correspondence with
respective privilege labels 44, object labels 46, and user labels 50. The cells 52 include
respective privilege state data corresponding to the privilege data, object data, and user data
for the labels 44, 46, 50, respectively. As indicated by key 54 of the display 42, the privilege
state data includes "On", "Off", "Inherited on", "Public on", "Not Set (Off)", and "Disabled"
states and is represented by respective graphical symbols, i.e., a green check, yellow check,
blue check, red bullet, blank field, and cross-hatch, respectively. The "On" state indicates
that the privilege has been set to permit its exercise by the corresponding object and user
entity. "Inherited On" indicates that the privilege has been permitted for a corresponding
object and user entity by inheritance from an "On" state setting at a higher level within the
predetermined hierarchical relationship of user entities. For example, if privilege state data
is activated in a group to which a user belongs, the user will inherit the associated privilege
due to the predetermined hierarchical relationship. The "Public On" state indicates that the
privilege has been permitted for the corresponding object and user entity at the public
level of the hierarchical relationship. The "Off" state indicates that the privilege is
affirmatively not permitted for the corresponding object and user entity. The "Not Set (Off)"
indicates that the privilege is prohibited for the corresponding object and user entity, but
could be permitted if a setting at a different hierarchical level, object dependencies, or user
dependencies so allow. The "Disabled" state indicates a state that is not possible for the
corresponding privilege, object, and user.

The user interface of the terminal device 12 can be operated by a user to input
privilege state data. For example, the user interface can be controlled via the mouse 36 to
position the cursor 58 to point to a predetermined cell 52. By clicking the mouse 36 the user
can select a cell 52 and input privilege state data into the selected cell. For all users except
the public group level, the user interface can be implemented so that successive clicks of the
mouse 36 cause the privilege state data to sequence from "On", "Off", "Not Set (Off)" and
"Disabled" states. At the public group level, the user interface can be implemented so that
successive clicks of the mouse 36 cause the privilege state data to sequence from "Public
On", "Off", "Not Set (Off)" and "Disabled" states. Upon saving the privilege state data set
via the user interface of the terminal device 12, the privilege state data for corresponding
privilege data, object data, and user data are stored in a data table of the data storage unit 14.
The storing of such data can be performed by the network server 18 via the network 20 and
database server 16.

The privilege labels 44, the object labels 46, and the user labels 50 are effectively
software buttons that can be activated by the user interface to remove or add cells
from the array displayed in running of the application program on the terminal device 12.
This feature permits viewing of privilege state data for any privilege, object and user entity
of the network system 10. More specifically, the display of Figure 3 is that which results
from positioning the cursor 58 with the mouse 36 to point to the "From Assisted" privilege
label and clicking with the mouse, positioning the cursor with the mouse to point to the
"Anniversaries" object label and clicking with the mouse, and positioning the cursor with the
mouse to point to the "CEO" label and clicking with the mouse. In general, if a privilege
label 44 to the left of the rightmost cells displayed in Fig. 3 is selected with the user
interface, the application program will remove all cells to the right of the y-z plane defined
by such selected object label. Conversely, if a privilege label 44 to the right of the leftmost
displayed cells 52 is selected with the user interface in Fig. 3, the application program will
add cells to the right of such selected object label up to the y-z plane defined by the selected
object label. If an object label 44 more inward into the plane of the view of Fig. 3 is selected
via the user interface, cells that are further outward from the selected object label are
removed along a plane parallel to the x-z plane. Conversely, if a privilege label 44 more
outwardly from the displayed cells 52 in Fig. 3 is selected with the user interface, the
application program running on terminal device 12 will add cells 52 outwardly to the x-z
plane defined by the selected object label. If a user object label that is lower along the z-axis
direction relative to the displayed cells 52 is selected via the user interface, the application
program running on the terminal device 12 will remove cells above a plane parallel to the x-y
plane that corresponds to the selected user label. Conversely, if a user object level that is
higher along the z-axis direction in Fig. 3 relative to the displayed cells, the application
program will add cells corresponding up to a plane parallel to the x-y plane. Accordingly,
the cells 52 of the display 42 can be added or removed to reveal cells 52 and corresponding
privilege state data at different levels within the array of cells.

In the foregoing it should be appreciated that the display 42 appears to the user to be
three-dimensional, but is in actuality the two-dimensional display generated on the unit 38.
The application program therefore has the capability to calculate a projection from the
two-dimensional screen to the three-dimensional representation of the display from the user's
perspective to determine the position of the cursor 58 upon clicking of the mouse 36 with
respect to the user labels, object labels, privilege labels, and cells containing privilege state
data. Such coding can be implemented with mathematical projection formulae to project the
two-dimensional point to the corresponding cell or label to the three-dimensional view of the
user labels, object labels, privilege labels, and cells containing privilege state data.

The user interface of the terminal device 12 can be used to position the cursor 58 to
activate one of the tabs 60. The "Table Security" tab is selected via the user interface to
generate the view of Fig. 3. If the "Business Component Security" tab is selected via the
user interface, the display 42 of Fig. 4 is generated on the display unit 38 of the terminal
device 12. The display 42 of Fig. 4 pertains to objects that are software components of the
network system 10. As compared to data for which the total number of different privileges is
relatively defined, the privileges and objects for software components generally vary widely
depending upon the nature of the software components that can be used in the network
system 10. Such privileges can include the ability to use a software component or portions
thereof. Different software component objects can be selected for display via the user
interface by selecting from menu 62 with the cursor 58 and mouse 36. In addition, software
buttons 64 can be selected via the cursor 58 and the mouse 36 to create a display 42 for a
new software component object, to edit the privilege data, object data, user data, and/or
privilege state data for an existing object, or to delete an object.

4. Method for Preparatory Mode of the Invention
In Fig. 5, a method for the preparatory mode of the invention begins in step S1. In
step S2 the user entities of the network system 10 and the hierarchical relationships between
the user entities are defined to generate user data and parent group data. In step S3, the
objects of the network system having security privileges are identified to generate object
data. In step S4, the privileges of the objects are identified to generate privilege data. In step
S5, the dependencies between objects are identified to create dependencies between objects.
In step S6, dependencies between privilege data are identified. In step S7, data tables are
created based on the data generated and relationships identified in steps S2 - S6. The data
tables include USER_TABLE, GROUP_TABLE, OBJECT_DEPENDENCY_TABLE, and
PRIVILEGE_DEPENDENCY_TABLE. In step S8, a data table for DISPLAY_TABLE is
created for use in generating the display 42. The DISPLAY_TABLE is created based on the
USER_TABLE, GROUP_TABLE, OBJECT_DEPENDENCY_TABLE, and the
PRIVILEGE_STATE_TABLE. In step S9 of Fig. 5, the USER_TABLE, GROUP_TABLE,
OBJECT_DEPENDENCY_TABLE, PRIVILEGE_DEPENDENCY_TABLE, and
DISPLAY_TABLE are stored. In step S10 the method of Fig. 5 ends. Steps S1 - S6 can be
performed by a human user of the method, such as an administrator of the network system
10. Steps S7 - S8 are performed by the application program running on the terminal device
12. Step S9 is performed by the terminal device 12 running its application program to store
the data tables in the data storage unit 14 via the database server 16, the network 20, and the
network server 18.

In step S1 of Fig. 6A, a method for the operation mode of the invention begins in step
S1. In step S2 the DISPLAY_TABLE is read. Step S2 can be performed by the terminal
device 12 running the application program to read the DISPLAY_TABLE from the data
storage unit 14 via the database server 16, the network 20, and the network server 18. In step
S3, the display 42 of privilege state data is generated. The display 42 can be generated with
privilege state data in an array of cells in a three-dimensional view in correspondence with
respective privilege labels, object labels, and user labels, based on the privilege state data,
the privilege data, the object data and the user data, respectively, from the
DISPLAY_TABLE. In step S4, a determination is made to establish whether an input
device such as the mouse 36 has been activated. If so, in step S5, a determination is made to
establish the location of the cursor 58 upon activation of the mouse 36. In step S6, a
determination is made to establish whether the cursor 58 was pointing to a cell at the time of
its activation. If the determination in step S6 is affirmative, in step S7, the privilege state
data so input is stored in the DISPLAY_TABLE in correspondence with respective user
data, object data, and privilege data. After performance of step S7 or if the determination of
step S6 is negative, the method proceeds to step S8 of Fig. 6B. In step S8, a determination is
made to establish whether a privilege label, object label, or user label has been selected by
the user via the user interface, i.e., via the mouse 36 and the display unit 38. If so, in step
S9, the display 42 is modified by adding or removing cells 52 and corresponding privilege
state data if the selected privilege label, object label, and user label are different than those
for which the display 42 has been generated at the time of activation of the user interface.
After performance of steps S4 or S9, or if the determination in step S8 is negative, the
method of Figs. 6A and 6B ends in step S16. Steps S1 - S10 of the method of Figs. 6A and
6B can be performed by the terminal device 12 running the application program. Steps S2
and S7 can be performed by the data storage unit 14, the database server 16, the network 20,
and the network server 18 in addition to the terminal device 12 under control of the
application program.

5. Data Tables

Fig. 7 is a view of the USER_TABLE data table. The USER_TABLE basically
includes five columns of associated data. The USER_ID column uniquely identifies the
users of the network system 10, in this example "JoeUser" by user data. The
PARENT_GROUP_ID column uniquely identifies a group of users to which the
corresponding user belongs, and establishes the hierarchical relationships among the users
and groups. In this example, the user "JoeUser" is a member of the group "CEO". The
objects pertaining to the user include data tables "AdamCriteria", "AdamLog", "Addresses",
"Administration", etc. The privilege states "Read", "Write", etc. are stored in the
USER_TABLE in correspondence with the object data to which they pertain. The privilege
state data for the "Off", "On", and "No Value" states are associated with respective privilege
data. The bullets indicate that there can be additional data for additional users, parent
groups, objects, privileges, and privilege states.

Fig. 8 is a view of the GROUP_TABLE and has five columns of associated data.
The GROUP_ID column uniquely identifies the groups of user entities in the network
system 10. In this example the groups include "Public", "Default", and "CEO" groups. In
the second column PARENT_GROUP_ID is indicated. In this case, "None" indicates that
there is no parent group associated with the groups listed in the GROUP_TABLE. In the
object column, the object data are stored in correspondence with respective user data
identifying the groups. In this example, the object data includes "AdamCriteria",
"AdamLog", "Addresses", "Administration", etc. In correspondence with the object data are
stored privilege data. In this example, the privilege data include "Read", "Write", etc. Also,
the privilege state data is stored in correspondence with respective privilege data, object data,
and user data. The privilege state data can include "On", "Off", and "No Value" states,
although none of the privilege state data is set to "Off" in the example of Fig. 8.

Fig. 9 is a view of the OBJECT_DEPENDENCY_TABLE that has two columns of
associated object data. The OBJECT column has object data that identifies respective
objects, and the DEPENDENT OBJECT column indicates object data of objects whose
privilege states are dependent from the objects identified by object data in the OBJECT
column. The OBJECT_DEPENDENCY_TABLE can be used to set dependencies of the
privilege state data for different objects. The application program running on the terminal
device 12 uses the OBJECT_DEPENDENCY_TABLE to replicate the privilege state data
associated with the object identified by the object data of the OBJECT column to the
privilege state data associated with the object identified by the object data of the
DEPENDENT OBJECT column. Therefore, in the example of Fig. 9, the privilege state data
of the "Administration" object will be replicated or copied to the "Labor" object for all user
data.

Fig. 10 is a view of the PRIVILEGE_DEPENDENCY_TABLE that has two columns
of associated privilege data. The PRIVILEGE column has privilege data that identifies
respective privileges, and the DEPENDENT PRIVILEGE column indicates privilege data of
privileges whose privilege states are dependent from the privileges identified by privilege
data in the PRIVILEGE column. The PRIVILEGE_DEPENDENCY_TABLE can be used
to set dependencies of the privilege state data for different privileges. The application
program running on the terminal device 12 uses the PRIVILEGE_DEPENDENCY_TABLE
to replicate the privilege state data associated with the privilege identified by the privilege
data of the PRIVILEGE column to the privilege state data associated with the privilege
identified by the privilege data of the DEPENDENT PRIVILEGE column. Therefore, in the
example of Fig. 8, the privilege state data of the "Read" privilege will be replicated or copied
by the application program running on the terminal 12 to the "Write, Create, Delete"
privilege for all user data. Therefore, if the privilege state data is set to allow a user to read
data of an object, the user will also have the capability to write, create, or delete that object.

Fig. 11 is a view of a DISPLAY_TABLE that has four columns of associated data.
The USER/GROUP_ID column stores the user data for all groups and users of the network
system 10. The OBJECT column stores object data for all data and software component
objects of the network system 10 used by the user entities. The PRIVILEGE column stores
privilege data of the privileges associated with the objects of the OBJECT column. The
STATE column stores privilege state data corresponding to the privileges of the network
system 10. The DISPLAY_TABLE is generated by the terminal 12 running the application
program based on the USER_TABLE, GROUP_TABLE, OBJECT_DEPENDENCY_TABLE, and
PRIVILEGE_DEPENDENCY_TABLE. The generation of the DISPLAY_TABLE
corresponds to step S8 of Fig. 5. The DISPLAY_TABLE is generated as follows. The user
data, object data, privilege data, and privilege state data are replicated from the Public
GROUP_ID of the GROUP_TABLE to the DISPLAY_TABLE. The "On" states for the
privilege state data of the Public GROUP_ID are converted to "Public On" states in the
DISPLAY_TABLE for corresponding user data, object data, and privilege data. The user
data, object data, privilege data, and privilege state data for the Default, CEO, and JoeUser
GROUP_IDs are replicated to the DISPLAY_TABLE so that "On", "Off" and "No Value"
states of the USER_TABLE and GROUP_TABLE translate to "On", "Off", and "Not Set
(Off)" states in the DISPLAY_TABLE. The OBJECT_DEPENDENCY_TABLE is used to
replicate privilege state data for objects listed therein to privilege state data for dependent
objects. The PRIVILEGE_DEPENDENCY_TABLE is used to replicate privilege state data
for privileges listed in the table to the privilege state data for dependent privileges. The
"Public On" and "Off" states for the public GROUP_ID in the DISPLAY table are replicated
to the privilege state data for the user entities. The privilege state data of the Default group
are replicated to the corresponding privilege state data for the user entities. In the event of a
conflict between the privilege state data designated by the Public GROUP_ID and the
privilege state data designated by the Default, user or user group privilege state data, the
Public GROUP_ID overrides the Default, user or user group privilege state data.
Accordingly, under the AdamLog object for the CEO GROUP_ID the privilege state data is
set to the "Public On" state despite the fact that the Default privilege state data is in the "On"
state. The PARENT_GROUP_ID of the USER_TABLE is utilized by the application
program to determine the user hierarchy. In this example, because JoeUser is in the CEO
group as indicated by the PARENT_GROUP_ID, the "On" state for the CEO GROUP_ID
privilege state data for the Addresses object is inherited by corresponding privilege state data
for JoeUser, and such state is designated as "Inherited On" with respect to the Addresses object
for JoeUser. The application program running on the terminal device 12 thus generates the
DISPLAY_TABLE.
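The DISPLAY_TABLE generation rules above, worked through as an added Python example (it is not code from the patent). The table rows are constructed sample data, and where the text is silent the ordering is an assumption: an entity's own "On"/"Off" is read before inheritance, inheritance before the Default group, and only "On" is inherited.

```python
from itertools import product

PUBLIC, DEFAULT = "Public", "Default"
NOT_SET = "Not Set (Off)"
WCD = "Write, Create, Delete"

# Constructed sample rows, keyed (user or group, object, privilege) -> stored state.
GROUP_TABLE = {
    ("Public", "AdamLog", "Read"): "On",
    ("Public", "AdamCriteria", "Read"): "Off",
    ("Default", "AdamLog", "Read"): "On",
    ("Default", "Administration", "Read"): "On",
    ("CEO", "Addresses", "Read"): "On",
    ("CEO", "AdamCriteria", "Read"): "On",
}
USER_TABLE = {("JoeUser", "Addresses", "Read"): "No Value"}
PARENT_GROUP_ID = {"Public": None, "Default": None, "CEO": None, "JoeUser": "CEO"}
OBJECT_DEPENDENCY_TABLE = [("Administration", "Labor")]
PRIVILEGE_DEPENDENCY_TABLE = [("Read", WCD)]


def stored_states(group_table, user_table, parents, obj_deps, priv_deps):
    """Replicate stored rows into a full grid, then apply both dependency tables."""
    rows = {**group_table, **user_table}
    entities = list(parents)
    objects = sorted({o for _, o, _ in rows} | {x for pair in obj_deps for x in pair})
    privileges = sorted({p for _, _, p in rows} | {x for pair in priv_deps for x in pair})
    grid = {cell: NOT_SET for cell in product(entities, objects, privileges)}
    for (entity, obj, priv), state in rows.items():
        if state == "No Value":
            state = NOT_SET                      # "No Value" -> "Not Set (Off)"
        elif entity == PUBLIC and state == "On":
            state = "Public On"                  # Public "On" -> "Public On"
        grid[(entity, obj, priv)] = state
    for src, dep in obj_deps:                    # e.g. Administration -> Labor
        for entity, priv in product(entities, privileges):
            grid[(entity, dep, priv)] = grid[(entity, src, priv)]
    for src, dep in priv_deps:                   # e.g. Read -> Write, Create, Delete
        for entity, obj in product(entities, objects):
            grid[(entity, obj, dep)] = grid[(entity, obj, src)]
    return grid


def resolve(grid, parents, entity, obj, priv):
    """Resolve one cell: Public overrides, then own state, parent groups, Default."""
    public = grid[(PUBLIC, obj, priv)]
    if entity == PUBLIC or public in ("Public On", "Off"):
        return public
    own = grid[(entity, obj, priv)]
    if own != NOT_SET:
        return own
    parent, seen = parents.get(entity), set()
    while parent and parent not in seen:         # walk PARENT_GROUP_ID, guard cycles
        seen.add(parent)
        if grid[(parent, obj, priv)] == "On":
            return "Inherited On"
        parent = parents.get(parent)
    return grid[(DEFAULT, obj, priv)]


def build_display_table(group_table, user_table, parents, obj_deps, priv_deps):
    """Return {(entity, object, privilege): state} for every cell of the array."""
    grid = stored_states(group_table, user_table, parents, obj_deps, priv_deps)
    return {cell: resolve(grid, parents, *cell) for cell in grid}


def unstated_grants(display, group_table, user_table):
    """Cells that end up allowed without an explicit stored "On" row."""
    stored = {**group_table, **user_table}
    allowed = {"On", "Inherited On", "Public On"}
    return sorted(c for c, s in display.items() if s in allowed and stored.get(c) != "On")


if __name__ == "__main__":
    table = build_display_table(GROUP_TABLE, USER_TABLE, PARENT_GROUP_ID,
                                OBJECT_DEPENDENCY_TABLE, PRIVILEGE_DEPENDENCY_TABLE)
    for cell in unstated_grants(table, GROUP_TABLE, USER_TABLE):
        print(cell, "->", table[cell])
```

The `unstated_grants` list is the part worth reviewing: it shows every permission that exists only because of Public, Default, inheritance or a dependency row, including the write, create and delete rights that follow from a single "Read" grant.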

Fig. 12 is a view of a display 42 that can be generated by the terminal device 12 in
running its application program. The display 42 includes a hierarchy tree 66 generated by
the user data and corresponding parent group data stored as USER_ID, GROUP_ID, and
PARENT_GROUP_ID in the USER_TABLE and GROUP_TABLE. Fig. 12 indicates an
exemplary pop-up menu 68 for adding, deleting, or modifying user data via the terminal
device 12. An administrator can use the input devices 34, 36 of the terminal 12 to create,
read, modify or delete user data via the display 42 of Fig. 13. Based on the user data input to
the terminal device 12, the terminal device 12 writes changes to the data tables for
USER_TABLE, GROUP_TABLE, and DISPLAY_TABLE to the data storage unit 14 via
the database server 16, the network 20, and the network server 18.

Fig. 13 is a view of a display 42 that is generated by selection of the "New" and
"User" options in the pop-up menu 68 of Fig. 12. Interacting with the display 42 via the
input devices 34, 36, a network administrator can input user data including a USER_ID in
field 70, and other data pertaining to a new user entity. Parent group data can be input to
field 72 via the input devices 34, 36 to indicate PARENT_GROUP_ID data for a group of
which the user identified by the USER_ID field is a member. A similar display can be used
to input, modify or delete user data for a group of users by selection of the "New" and
"Security Group" options in the pop-up menu 68. The display 42 of Fig. 13 can be generated
by selection of the "User Information" tab 60 with the input devices 34, 36.

Fig. 14 is a view of a display 42 that is generated by selection of the "Business
Component Security" tab 60 via the input devices 34, 36 and the display 42. Further
selection of the "Agents" option in menu 76 and the "New" control element under the
"Agents Components Rights" software control elements 78 via the input devices 34, 36 and
the display 42, generates dialog box 80. The dialog box 80 includes field 76 for entering
privilege data identifying a privilege of an object. The dialog box 80 also includes a
"Dependencies" field 84 for entering dependent privilege data for storage in the
PRIVILEGE_DEPENDENCY_TABLE. Upon clicking the "OK" control element of the
dialog box 80, the terminal device 12 writes the privilege data and dependent privilege data
to the USER_TABLE, GROUP_TABLE, and PRIVILEGE_DEPENDENCY_TABLE. The
terminal device 12 regenerates the DISPLAY_TABLE based on the USER_TABLE,
GROUP_TABLE, OBJECT_DEPENDENCY_TABLE, PRIVILEGE_DEPENDENCY_TABLE,
and DISPLAY_TABLE to update the DISPLAY_TABLE for the changes made to the
privilege data.

Figure 15 is a view of a display 42 that can be generated by the application program
of the invention to permit objects to be created, modified or deleted. The name of a new
software component can be entered in the field 86 and the control element 88 activated via
input devices 34, 36 to create a new software component for which privilege states can be
tracked for different users or user groups. The field 90 can be used to enter the name of a
new data table object and the control element 88 via the input devices 34, 36 to create a new
data table object. Selection of an object in the displayed list 92 and activation of the control
element 88 can be used to delete an object.

The application program embodied by the methods of Figs. 5 and 6A and 6B can of
course be stored on various storage media articles and loaded into a terminal device to
generate a display of privilege state data for a network system in a three-dimensional view.
Such storage media include random-access memory (RAM), read-only memory (ROM),
CD-ROM, DVD, hard-storage-disk drives, tape drives, or any other storage device.

The application program described herein is not intended to enforce privileges of the
network system 10. Rather this function is performed by a different application program that
is not a part of the invention. However, it is desirable that the USER_TABLE,
GROUP_TABLE, OBJECT_DEPENDENCY_TABLE, PRIVILEGE_DEPENDENCY_TABLE,
and DISPLAY_TABLE have a data format that is compatible with the privilege enforcement
application program.

The many features and advantages of the present invention are apparent from the
detailed specification and, thus, it is intended by the appended claims to cover all such
features and advantages of the described methods, system and article that follow in the true
spirit and scope of the invention. Further, since numerous modifications and changes will
readily occur to those of ordinary skill in the art, it is not desired to limit the invention to the
exact construction and operation illustrated and described. Accordingly, all suitable
modifications and equivalents may be resorted to as falling within the spirit and scope of the
invention.

Industrial Applicability
The disclosed methods, system, and article can be used to privilege state data
indicating the privileges of users or groups of users to use different objects supported by a
network environment. The disclosed methods, system, and article therefore have use and
applicability in numerous industries, including the network management, administration, and
security industries.

Claims

1. A method characterized by the step of:

a) generating a display of privilege state data in a three-dimensional view.

2. A method as claimed in claim 1 wherein the privilege state data include
graphical symbols indicating at least "on" and "off" states.

3. A method as claimed in claim 1 wherein the privilege state data includes
graphical symbols indicating "on", "inherited on", "public on", "off", "not set", and
"disabled" states.

4. A method as claimed in claim 1 wherein the display includes privilege labels,
object labels, and user labels generated based on privilege data, object data, and user data,
respectively, the privilege labels, object labels, and user labels arranged along respective
axes of the three-dimensional view.

5. A method as claimed in claim 4 wherein the privilege state data are displayed
in a plurality of cells arranged in association with respective privilege labels, object labels,
and user labels.

6. A method as claimed in claim 1 wherein the cells are displayed in association
with privilege labels, object labels, and user labels, the privilege labels identifying at least
one privilege, the object labels identifying at least one object associated with the privilege,
and the user labels identifying at least one user or group of users using the object in the
network system.

7. A method as claimed in claim 6 wherein the privilege labels, the object labels,
and the user labels are arranged along respective transverse axes in the three-dimension
view.

8. A method as claimed in claim 6 wherein the privilege labels identifies data
access, data view, and data flow privileges to access or transfer data pertaining to the object
within or without the network system.

9. A method as claimed in claim 6 wherein the privilege labels identifies data
access privileges.

10. A method as claimed in claim 9 wherein the data access privileges include the
capabilities to read, write, create, and delete data for an object stored in a database accessible
by the network system.

11. A method as claimed in claim 6 wherein the object labels identifies data for at
least one object stored in a database accessible by the network system.

12. A method as claimed in claim 6 wherein the privilege labels identifies view
privileges including a privilege to create a view of privilege state data for objects.

13. A method as claimed in claim 1 wherein the user labels identifies at least one
user group.

14. A method as claimed in claim 1 wherein the user labels identifies at least one
user.

15. A method as claimed in claim 1 wherein the privilege state data indicates
privilege states of at least one user or user group with respect to objects accessible in a
network system.

16. A method as claimed in claim 1 wherein the privilege state data indicates
privilege states of at least one user or user group with respect to data objects stored in a data
storage unit.

17. A method characterized by the step of:

a) on a user interface of a terminal device generating a display of privilege
state data in an array of cells in a three-dimensional view on a terminal device, the privilege
state data of the cells displayed in correspondence with privilege labels, object labels, and
user labels arranged along respective transverse axes of the three-dimensional view.

18. A method as claimed in claim 17 wherein the privilege labels correspond to
respective privilege data, the object labels correspond to respective object data, and the user
data correspond to respective user data, further characterized by the steps of:

b) with the user interface of the terminal device, inputting privilege state data
into at least one cell of the array using at least one privilege label, object label, and user
label;

c) determining the privilege data, object data, and user data corresponding to
the cell in which the privilege state data is input in the step (b);

d) storing the privilege state data in a memory in correspondence with
respective privilege data, object data, and user data determined in step (c) for the cell in
which the privilege state data was input in the step (b); and

e) updating the display to include a privilege state symbol corresponding to
the privilege state data input by the user in the step (b), based on the privilege state data
stored in the memory in the step (d).

19. A method as claimed in claim 17 wherein the privilege state data includes
data for "on", "inherited on", "public on", "off", "not set", and "disabled" states.

20. A method as claimed in claim 19 wherein the privilege state data toggles
between the "on", "inherited on", "public on", "off", "not set", and "disabled" states with
successive activations of an input device of the user interface.
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21 . A method as claimed in claim 1 8 further characterized by the steps of: 

f) with the user inter&ce of the terminal device, selecting at least one of the 
privilege labels, object labels, or user labels; and 

g) modifying the display of tibe privilege state data by removing or adding 
5 cells to the three-dimensional view, based on the step (f). 

22. A method as claimed in claim 18 wherein the user data identifies first and 
second user entities related by predetermined hierarchical relationship data and fiie privilege 
state data is input in the step (b) in at least one cell corresponding to first user entity, the 
method further characterized by the steps of: 

10 f) determining whether the second user entity inherits privilege state data 

from the first user entity, based on the hierarchical relationship data; and 

g) if the determination in the step (f) establishes that the second user entity
inherits the privilege state data from the first user entity, storing the privilege state data input
in the step (b) in correspondence with the user data for the second entity and the object data
and privilege data for which the privilege state data was input in the step (b).

23. A method as claimed in claim 18 wherein the user data identifies
dependencies between first and second object data related by predetermined dependency
data, the method further characterized by the steps of:

f) determining whether the second object data inherits privilege state data
from the first object data, based on the predetermined dependency data; and

g) if the determination in the step (f) establishes that the second object data 
inherits privilege state data from the first object data, storing the privilege state data input in 
the step (b) in correspondence with the user data for the second entity and the object data and 
privilege data for which the privilege state data was input in the step (b). 

24. A method as claimed in claim 18 wherein the user data identifies
dependencies between first and second privilege data related by predetermined dependency
data, the method further characterized by the steps of:

f) determining whether the second privilege data inherits privilege state data
from the first privilege data, based on the predetermined dependency data; and

g) if the determination in the step (f) establishes that the second privilege data
inherits privilege state data from the first privilege data, storing the privilege state data input
in the step (b) in correspondence with the user data for the second entity and the object data
and privilege data for which the privilege state data was input in the step (b).

25. A network system characterized by:

at least one terminal device having a user interface generating a display of
privilege state symbols in an array of cells in a three-dimensional view, the cells displayed in
correspondence with privilege labels, object labels, and user labels arranged along respective
transverse axes of the three-dimensional view;

a data storage unit coupled to the terminal device, the data storage unit storing
corresponding privilege data, object data, user data, and privilege state data, the privilege
labels generated based on privilege data, the object labels generated based on respective
object data, the user labels generated based on respective user labels, and the privilege state
symbols generated based on the privilege state symbols; and

at least one server coupled to the terminal device and the data storage unit, the
server transmitting privilege data, object data, user data, and privilege state data between the
terminal device and the data storage unit.

26. A network system as claimed in claim 25 wherein the display is generated on
the user interface by an application program running on the terminal device, the application
program including an application program interface to convert privilege state data, privilege
data, object data, user data, into privilege state symbols, privilege labels, object labels, and
user labels, respectively, for the three-dimensional view for the display on the user interface
of the terminal device.

27. An article of manufacture for use with a terminal device, the article
characterized by a storage medium having an application program for generating a display of 
privilege state in a three-dimensional view on a terminal device. 
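
The storage, toggling and user-hierarchy inheritance steps of claims 18, 20 and 22, sketched as an added Python example that is not part of the patent text. The class and method names, the rule that a direct "on" is stored as "inherited on" for inheriting users, and the rule that an explicitly input "off" or "disabled" is kept and shields the users below it are assumptions made for illustration; the claims do not specify how conflicts are resolved.

```python
# The six states named in claims 19 and 20, in the order the claims list them.
STATES = ["on", "inherited on", "public on", "off", "not set", "disabled"]
DENY = ("off", "disabled")

class PrivilegeCube:
    """Privilege state per (privilege, object, user) cell."""

    def __init__(self, user_children):
        self.cells = {}        # (priv, obj, user) -> state
        self.explicit = set()  # cells input directly by a user (step b)
        self.user_children = user_children  # hierarchical relationship data

    def get(self, priv, obj, user):
        return self.cells.get((priv, obj, user), "not set")

    def set(self, priv, obj, user, state):
        """Steps (c)-(d): store the input cell, then apply claim 22 inheritance."""
        self.cells[(priv, obj, user)] = state
        self.explicit.add((priv, obj, user))
        self._propagate(priv, obj, user, state, {user})

    def toggle(self, priv, obj, user):
        """Claim 20: each activation advances the cell to the next state."""
        nxt = STATES[(STATES.index(self.get(priv, obj, user)) + 1) % len(STATES)]
        self.set(priv, obj, user, nxt)
        return nxt

    def _propagate(self, priv, obj, parent, state, seen):
        for child in self.user_children.get(parent, []):
            if child in seen:          # cycle or repeated membership
                continue
            seen.add(child)
            key = (priv, obj, child)
            # Assumption: an explicit deny below is kept and shields its subtree.
            if key in self.explicit and self.cells[key] in DENY:
                continue
            # Assumption: a direct "on" is recorded as "inherited on" below.
            self.cells[key] = "inherited on" if state == "on" else state
            self.explicit.discard(key)
            self._propagate(priv, obj, child, state, seen)

def demo():
    """Constructed hierarchy: staff > eng > alice, staff > bob."""
    cube = PrivilegeCube({"staff": ["eng", "bob"], "eng": ["alice"]})
    cube.set("read", "orders", "bob", "off")   # explicit deny on one member
    cube.set("read", "orders", "staff", "on")  # grant at the top of the tree
    return {u: cube.get("read", "orders", u) for u in ("staff", "eng", "alice", "bob")}
```

The same propagation pattern would apply along the object and privilege axes for the dependency data of claims 23 and 24.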